Recently there has been a small uptick in the occurrences in fake software updates, in particular Adobe Flash Player. These especially have been seen targeting Macbooks and other Apple products in order to steal their keychains. This kind of attack can compromise all passwords that were ever saved on all the devices tied to that Apple ID.
Adobe Flash Player is used to deliver high quality web content and animation for viewing and streaming both video and audio. It is hard to find computers and web browsers that don’t have Flash Player installed. Since it is such a commonality many people are use to receiving what seems like almost constant update alerts. These updates are usually done to fix the security vulnerabilities that are found within Flash Player. Hackers have taken advantage of this to create fake updates that deliver malware.
The type of malware that is commonly seen now on Macs focuses on gaining access to the keychain. The keychain is a password management system which stores all passwords for applications, servers, and websites. It also can store sensitive information such as credit card numbers, and PINs for bank accounts. If you choose to use the Keychain, passwords are made accessible on all devices sharing the Apple ID.
In the unfortunate event that your information is compromised via this method, you will have to reset all of your passwords that were stored on the keychain. On top of this, you will also need to ensure that you have removed the attackers access after resetting your password, so they are no longer able to maintain access via active sessions. You will also need to notify any bank or any related financial institutions if your PIN number or other personal information was stored in the keychain and stolen to prevent or stop further financial losses. In addition, you need to ensure that any other personal information such as social security numbers is safe potentially by using identity theft monitoring. In the worst case scenario, the attacker has gained control of the computer and changed your passwords. If this is the case, you should contact Apple as well as a cybersecurity company in the event you need assistance in remediating this problem.
A good security posture can help protect you from this type of compromise. Be sure to never click on links you do not recognize, never connect to strange wireless networks or ones that do not have passwords, and lastly, if it looks out of place it most likely is a scam.
